[MEDIUM] MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API

PKSA-67ww-bjf6-fqgz CVE-2026-42070 GHSA-pq86-j2c2-47f6

Affected package: mantisbt/mantisbt

Affected version: <=2.28.1

Reported by:
GitHub